[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: SELINUX admin with LDAP

From: Stephen Smalley <sds tycho nsa gov>
To: Rob Visser <visser rob gmail com>
Cc: Daniel J Walsh <dwalsh redhat com>, fedora-selinux-list redhat com
Subject: Re: SELINUX admin with LDAP
Date: Wed, 21 May 2008 07:50:44 -0400

On Wed, 2008-05-21 at 12:01 +0200, Rob Visser wrote:
> Hello,
>  
> Is it possible to administer SELINUX users and RBAC stuff in LDAP?
> With RH directory server?
> It would be nice, since all the other stuff can be administered in
> LDAP.

Not yet, but known as a need.  Likely would take the form of moving
seusers management out of libsemanage and adding a LDAP lookup back end
to libselinux getseuserbyname().  Then you could manage at least the
Linux user -> (SELinux user, MLS range) authorizations in LDAP.

-- 
Stephen Smalley
National Security Agency

References:
- SELINUX admin with LDAP
  - From: Rob Visser

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]